Your employees are your first line of defense. Cyber security training is a basic requirement that should be conducted for every employee and incorporated from the first day of onboarding. Train your employees on cybersecurity best practices and keep them updated with information about the latest scams and techniques adopted by cybercriminals. Frequent reminders which are able to be quickly viewed are best since they keep security top of mind and this helps employees identify situations where they themselves may become victims of a cyberattack or unwittingly compromise the organization’s cybersecurity. Untrained employees may end up becoming unintended participants in cybercrime. This threat increases as cybercriminals refine their techniques to appear more legitimate with each attempt they make to breach networks and data.
With remote operations having become the norm, organizations must spell out the dos and don’ts for their employees who are using personal devices for work. Establish a framework of best practices such as requiring antimalware protection, disabling auto-connect to open wifi, whether the use of public wifi is allowed and using only approved apps. Consider limiting what can be accessed with a BYO device. It’s fairly common to allow users to setup email accounts on their own phones, but enable policies that let you remove the email account and its data from the device remotely if it is ever required. Access to network data or line-of-business apps may best be done on managed equipment over VPN connections only and having ways to report when users were in the systems is advised when confidential data is at stake. Addressing the details of how your data is accessed remotely is a very important part of a total BYOD policy.
If you are seeking guidance on such security measures, we have resources. Contact us for details.